Security Controls & Resilience

Threat Hunting using MITRE ATT&CK

Organisations introducing threat hunting into their operational security team’s remit will encourage a proactive approach to detecting and responding to sophisticated cyber threats. Threat hunting demands disciplined and focused effort using threat intelligence to inform the investigation team on what to examine. Incorporating the MITRE ATT&CK Framework into your organisation’s threat hunting model is the best way to determine which tactics, techniques and procedures (TTPs) to search for across your environment.


Cyber security metrics – selection bias at its best

As cyber risks are now discussed at all levels, businesses need to understand the scale of cyber threats and the performance of their security operations functions. This is much like any other strand of organisational activity. Sales has its sales figures and growth; HR has its churn rates and numbers of vacancies; and Quality Assurance has its failure or return rates. Cyber security metrics are also important.


Cyber Security for the Australian Energy Sector

The Australian Cyber Security Centre (ACSC) has created several publications aimed at helping critical infrastructure providers protect ICT systems from the escalating threat of nation state cyber-attack. The Australian Government has recently stated that organisations in both the public and private sectors are continually being targeted by adversarial nation states, and ACSC’s incident response activities over the past years show that water and power distribution networks, transport and communications grids are all at risk. The Australian Energy Market Operator (AEMO) has taken ACSC’s guidance and developed its own set of standards for uplifting the Australian energy sector, helping entities to become more cyber resilient. In this blog post we look at AEMO’s guidelines and how they relate to both IT and OT security.


Australia Under Cyber Attack

On Friday 19th June, the Australian Prime Minister gave a press conference outlining an intense and persistent cyber attack against Australian organisations, allegedly originating from an overseas adversary. The Prime Minister confidently stated that a hostile nation-state was behind the campaign, but refrained from naming the culprit. Other news outlets, however, suggested that unnamed senior government officials claimed the origin was China, but this remains unconfirmed by official sources.


CMMC – Restrict Admin Privileges

This blog post “CMMC – Restrict Admin Privileges” is the tenth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.


Moving security from “Keeping the lights on” to “Getting back to normal”

In the first quarter of 2020 IT and security teams around the world faced an unprecedented challenge.  The coronavirus pandemic grew in a matter of weeks to a phenomenon that would disrupt businesses, lives and the economy like nothing else we have faced before.

The introduction of lockdowns, travel restrictions and stay-at-home orders forced many businesses to adjust almost overnight to a different way of working that avoided staff being in offices or on sites.  Some staff had to balance work obligations with a need to home-school children, some had to shelter for their own safety, some were furloughed or laid off – leaving businesses without access to their abilities.


ANAO cyber review of Federal Government agencies

The 2019-20 ‘Interim Report on Key Financial Controls of Major Entities’ has been released.  The Australian National Audit Office’s (ANAO) review focused on the financial and HR systems of eighteen Australian Government agencies.

The report revealed that only one of the eighteen agencies that were reviewed was rated as achieving and managing their cyber resilience to Essential Eight Maturity Level Three requirements.  It also found that four agencies had incorrectly self-assessed, due to a poor understanding of their requirements.


Cyber Hygiene equals Cyber Resilience

Cyber hygiene is a relatively new term to describe the basic security practices everyone should be doing to ensure their organisation remains safe from common security threats. Yet even these most basic security controls are often neglected or not implemented correctly, unduly leaving the business exposed to risks they could easily counter.


CMMC – Monitoring Privileged Users

This blog post “CMMC – Monitoring Privileged Users” is the ninth in a series on Cybersecurity Maturity Model Certification (CMMC) – a US Department of Defense (DoD) initiative that imposes requirements on contractors and subcontractors to help safeguard information within the US defense supply chain.
